Hi everyone,
For security reasons, I'm trying to block certain files from being downloaded by users who have no right to see them.
To be more precise, I want to prevent a vault admin from downloading a file he's not supposed to open.
I'm using the BeforeFileDownload eventhandler and I would like to get the permissions and check the users inside those permissions and throw an error if the current user is not inside.
I managed to do that with a static user group but I would like to make it dynamic through the permissions if possible. Otherwise I will try using mdc properties directly.
What I tried to do as I don't get the ObjVerEx with this event was to get the objVer with the ObjID :
var objID = env.ObjID;
var lastObjVer = env.Vault.ObjectOperations.GetLatestObjVer(objID, false);
var permissions = env.Vault.ObjectOperations.GetObjectPermissions(lastObjVer); ==> returns null
I managed to find this message inside some variable:
The access control list has metadata-defined permissions and is not accessible via classic mode operations. Please refer to the API documentation about advanced mode operations with metadata-defined permissions in M-Files version 8. (0x8004087E)
But maybe this has nothing to do.
